51cto下载-ccna640-802v14题库(1-50).doc

1. What are two reasons that a network administrator would use access lists? (Choose two.)A. to control vty access into a routerB. to control broadcast traffic through a routerC. to filter traffic as it passes through a routerD. to filter traffic that originates from the routerE. to replace passwords as a line of defense against security incursionsAnswer: AC2. A default Frame Relay WAN is classified as what type of physical network?A. point-to-pointB. broadcast multi-accessC. nonbroadcast multi-accessD. nonbroadcast multipointE. broadcast point-to-multipointAnswer: C3. A single 802.11g access point has been configured and installed in the center of a square office. A few wireless users are experiencing slow performance and drops while most users are operating at peak efficiency. What arethree likely causes of this problem? (Choose three.)A. mismatched TKIP encryptionB. null SSIDC. cordless phonesD. mismatched SSIDE. metal file cabinetsF. antenna type or directionAnswer: CEF4. Refer to the exhibit. How many broadcast domains exist in the exhibited topology? A. oneB. twoC. threeD. fourE. fiveF. sixAnswer: C5. Refer to the exhibit. What two facts can be determined from the WLAN diagram? (Choose two.) A. The area of overlap of the two cells represents a basic service set (BSS).B. The network diagram represents an extended service set (ESS).C. Access points in each cell must be configured to use channel 1.D. The area of overlap must be less than 10% of the area to ensure connectivity.E. The two APs should be configured to operate on different channels.Answer: BE6. The command frame-relay map ip 10.121.16.8 102 broadcast was entered on the router. Which of the following statements is true concerning this command?A. This command should be executed from the global configuration mode.B. The IP address 10.121.16.8 is the local router port used to forward data.C. 102 is the remote DLCI that will receive the information.D. This command is required for all Frame Relay configurations.E. The broadcast option allows packets, such as RIP updates, to be forwarded across the PVC.Answer: E7. Which type of attack is characterized by a flood of packets that are requesting a TCP connection to a server?A. denial of serviceB. brute forceC. reconnaissanceD. Trojan horseAnswer: A8. Which of the following are associated with the application layer of the OSI model? (Choose two.)A. pingB. TelnetC. FTPD. TCPE. IPAnswer: BC9. Refer to the exhibit.The network administrator has created a new VLAN on Switch1 and added host C and host D. The administratorhas properly configured switch interfaces FastEthernet0/13 through FastEthernet0/24 to be members of the new VLAN. However, after the network administrator completed the configuration, host A could communicate with host B, but host A could not communicate with host C or host D. Which commands are required to resolve thisproblem?A. Router(config)# interface fastethernet 0/1.3Router(config-if)# encapsulation dot1q 3Router(config-if)# ip address 192.168.3.1 255.255.255.0B. Router(config)# router ripRouter(config-router)# network 192.168.1.0Router(config-router)# network 192.168.2.0Router(config-router)# network 192.168.3.0C. Switch1# vlan databaseSwitch1(vlan)# vtp v2-modeSwitch1(vlan)# vtp domain ciscoSwitch1(vlan)# vtp serverD. Switch1(config)# interface fastethernet 0/1Switch1(config-if)# switchport mode trunkSwitch1(config-if)# switchport trunk encapsulation islAnswer: A10. For security reasons, the network administrator needs to prevent pings into the corporate networks from hostsoutside the internetwork. Which protocol should be blocked with access control lists?A. IPB. ICMPC. TCPD. UDPAnswer: B11. What are two recommended ways of protecting network device configuration files from outside networksecurity threats? (Choose two.)A. Allow unrestricted access to the console or VTY ports.B. Use a firewall to restrict access from the outside to the network devices.C. Always use Telnet to access the device command line because its data is automatically encrypted.D. Use SSH or another encrypted and authenticated transport to access device configurations.E. Prevent the loss of passwords by disabling password encryption.Answer: BD12. Refer to the exhibit. The access list has been configured on the S0/0 interface of router RTB in the outbounddirection. Which two packets, if routed to the interface, will be denied? (Choose two.)access-list 101 deny tcp 192.168.15.32 0.0.0.15 any eq telnetaccess-list 101 permit ip any anyA. source ip address: 192.168.15.5; destination port: 21B. source ip address:, 192.168.15.37 destination port: 21C. source ip address:, 192.168.15.41 destination port: 21D. source ip address:, 192.168.15.36 destination port: 23E. source ip address: 192.168.15.46; destination port: 23F. source ip address:, 192.168.15.49 destination port: 23Answer: DE13. What are two security appliances that can be installed in a network? (Choose two.)A. ATMB. IDSC. IOSD. IOXE. IP。